Security: Prepare for the Worst, Hope for the Best

Tax Season 2018 has finally arrived, with the IRS opening the gates to 1040 returns.

Not to throw cold water on your enthusiasm, but what it means is, those cybercriminals we’ve been warning you about over the past months will now start playing for keeps.

By now, you should be fully armed and forewarned to defend against identity theft and tax related fraud.

You already know the major steps: Be suspicious of all unsolicited emails; NEVER open an attachment from a sender you don’t know; and never EVER give login or password information to another party via email. And if the suspicious email claims to be from an official source such as the IRS or us, call them and verify the message’s authenticity, using the telephone number on their website (not the one on the email).

Worst-Case Scenario

But what if “it” happens? “It” being compromise of your business’ login and password information – or the information of a client. Actually, swift action on the heels of discovery can help limit further damage. With the beginning of acceptance of returns by the IRS, the agency’s Return Preparer Office wants you to understand the best remedy if things don’t go right in your fight against fraud.

“Filing season has now arrived and we thank you for all you will do for taxpayers and tax administration. Over the last two months, we have shared information about the importance of protecting your systems and client data from cyber intruders and identity thieves.

“We hope you never experience a data compromise – whether by cybercriminals, theft or accident – but if it happens there are certain steps you should take. These include notifying law enforcement, your local IRS stakeholder liaison, the Federation of Tax Administrators (who will assist in notifying all the states in which you prepare state returns), your clients, your insurer, the credit bureaus, and others. (For those who have employers or hold franchises, please ensure you know what is required by your employer or your contract.)”

In addition to the obvious calls to law enforcement, don’t forget to contact your insurance company, to enlist the expertise of a computer security expert and contact your local stakeholder liaison of the Internal Revenue Service. We’ve included a list above for quick reference.

Forget genes; I’ve got words in my DNA. Communication has been part of who I am nearly all my life. From a long career in radio news to another one in newspapers – and a University of Georgia journalism degree sandwiched between the two – language has been my life. I’ve also been fortunate to have learned the tax business from the ground up here at Drake, starting with 1040.com online forms some years ago before moving on to work on the Web. In all things tax-ish, we aim to give you tools you can use.